76 matches found
EUVD-2019-13639
Malware in sbrugna...
EUVD-2019-13670
Malware in sbrugna...
EUVD-2020-25515
Malware in sbrugna...
EUVD-2021-25387
Malware in sbrugna...
EUVD-2021-16197
Malware in sbrugna...
EUVD-2020-25521
Malware in sbrugna...
EUVD-2024-29774
Malicious code in bioql PyPI...
CVE-2024-31916
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026...
CVE-2024-31916
CVE-2024-31916 (IBM OpenBMC) affects OpenBMC versions FW1050.00–FW1050.10, where the BMCWeb HTTPS server component could disclose sensitive URI content to an unauthenticated user. Root cause: improper exposure in the HTTPS server that bypasses authentication channels. Impact is limited to sensiti...
CVE-2024-31916 IBM OpenBMC information disclosure
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026...
CVE-2021-38950
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBindingsUserId is set to effective. IBM X-ForceID: 211404...
CVE-2021-38950
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBindingsUserId is set to effective. IBM X-ForceID: 211404...
CVE-2021-29723
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100...
Code injection
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100...
CVE-2021-29723
CVE-2021-29723 concerns IBM Sterling Secure Proxy/Sterling Proxy vulnerabilities where several releases (IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2) use weaker-than-expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. The conn...
CVE-2021-20348
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-ForceID: 194597...
Server side request forgery (ssrf)
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-ForceID: 194597...
CVE-2021-20348
CVE-2021-20348 describes a server-side request forgery (SSRF) affecting IBM Jazz Foundation and IBM Engineering products. An authenticated attacker could issue unauthorized requests from the system, enabling network enumeration or related abuse. Connected sources enumerate affected products (DOOR...
CVE-2021-20348
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-ForceID: 194597...
CVE-2020-4689
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696...